Skip to content

Instantly share code, notes, and snippets.

@simon-amadeus

simon-amadeus/InstallTypo3.sh

Forked from oliverthiele/InstallTypo3.sh
Created May 25, 2020 11:04
Show Gist options
  • Save simon-amadeus/f17596671df35035ca3d1bcbd2bf1c35 to your computer and use it in GitHub Desktop.
Save simon-amadeus/f17596671df35035ca3d1bcbd2bf1c35 to your computer and use it in GitHub Desktop.
Download ZIP
Script for installing a TYPO3 Version 9.5 LTS on a new Ubuntu 18.04 Server
Raw
InstallTypo3.sh
#!/bin/sh
### Before executing this script make a system update:
# apt update; apt --assume-yes dist-upgrade; apt --assume-yes autoremove;
# reboot
# VirtualBox does not work with ipv6, so you have to disable it before running this script:
# sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
# sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
wwwRoot='/var/www/';
composerDirectory=${wwwRoot}typo3/;
typo3PublicDirectory=${composerDirectory}public/
# typo3Version='^9.5';
read -r -p "Install TYPO3 in '${typo3PublicDirectory}'. Is this correct [y/N] " response
case "$response" in
[yY][eE][sS]|[yY])
echo "Start the install script ..."
;;
*)
exit;
;;
esac
rm ${composerDirectory} -rf
echo "INFO Install System (nginx, php 7.2, MySQL, Redis, …)"
apt --assume-yes install nginx-full php7.2-fpm php7.2-gd php7.2-mysql php7.2-opcache php7.2-xml php7.2-intl php7.2-zip php7.2-mbstring php-soap dos2unix php-apcu apache2-utils redis-server php-redis php-curl mysql-server graphicsmagick ghostscript zip unzip catdoc argon2;
# Prepare Let's Encrypt
#apt install software-properties-common
#add-apt-repository universe
#add-apt-repository ppa:certbot/certbot
#apt update
#apt install certbot
#apt install python-certbot-nginx
locale-gen de_DE.UTF-8
# Change the login shell for user www-data
chsh -s /bin/bash www-data
############# Edit here: ##################
pathToPhpIni='/etc/php/7.2/fpm/php.ini';
############# Create DB ###################
echo "INFO Create MySQL DB"
# create random password
dbUser='typo3'
dbPass="$(openssl rand -base64 12)"
dbDatabase=${dbUser}_1
mysql -e "CREATE DATABASE ${dbDatabase} CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
mysql -e "CREATE USER ${dbUser}@localhost IDENTIFIED BY '${dbPass}';"
mysql -e "GRANT ALL PRIVILEGES ON ${dbDatabase}.* TO '${dbUser}'@'localhost';"
mysql -e "FLUSH PRIVILEGES;"
################################################## Optimize php.ini
echo "INFO Optimize php.ini"
# sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=300/g' /etc/php-7.0.d/10-opcache.ini
sed -i 's/max_execution_time = 30/max_execution_time = 240/' ${pathToPhpIni}
sed -i 's/max_input_time = 60/max_input_time = 120/' ${pathToPhpIni}
sed -i 's/max_input_vars = 1000/max_input_vars = 10000/' ${pathToPhpIni}
sed -i 's/; max_input_vars = 10000/max_input_vars = 10000/' ${pathToPhpIni}
sed -i 's/memory_limit = 128M/memory_limit = 512M/' ${pathToPhpIni}
sed -i 's/post_max_size = 8M/post_max_size = 200M/' ${pathToPhpIni}
sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 200M/' ${pathToPhpIni}
sed -i 's/max_file_uploads = 20/max_file_uploads = 200/' ${pathToPhpIni}
service php7.2-fpm restart
################################################## Install composer
echo "INFO Install composer"
EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
ACTUAL_SIGNATURE="$(php -r "echo hash_file('SHA384', 'composer-setup.php');")"
if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]
then
>&2 echo 'ERROR: Invalid installer signature'
rm composer-setup.php
exit 1
fi
php composer-setup.php --quiet
RESULT=$?
rm composer-setup.php
echo 'Composer Setup Result:' $RESULT
# Make composer globally availible
mv composer.phar /usr/local/bin/composer
################################################## Edit user www-data / add user typo3
# User typo3 is used for the composer installation
systemPass="$(openssl rand -base64 12)"
echo "INFO Enable SSH for user www-data"
useradd -g www-data typo3 --home-dir=${composerDirectory} --shell='/bin/bash' -m
echo "typo3:${systemPass}" | chpasswd
echo "www-data:${systemPass}" | chpasswd
mkdir /var/www/.ssh/
cp -ap /root/.ssh/authorized_keys /var/www/.ssh/authorized_keys
################################################## Install TYPO3
echo "INFO Install TYPO3"
mkdir ${composerDirectory}
chmod 2770 ${composerDirectory}
chown www-data:www-data /var/www/ -R
cd ${composerDirectory}
sudo -i -u typo3 composer require typo3/minimal ${typo3Version} typo3/cms-lowlevel ${typo3Version} \
typo3/cms-about ${typo3Version} typo3/cms-belog ${typo3Version} typo3/cms-beuser ${typo3Version} typo3/cms-felogin ${typo3Version} \
typo3/cms-fluid-styled-content ${typo3Version} typo3/cms-form ${typo3Version} typo3/cms-impexp ${typo3Version} \
typo3/cms-info ${typo3Version} typo3/cms-rte-ckeditor ${typo3Version} typo3/cms-setup ${typo3Version} typo3/cms-seo ${typo3Version} \
typo3/cms-sys-note ${typo3Version} typo3/cms-t3editor ${typo3Version} typo3/cms-tstemplate ${typo3Version} typo3/cms-viewpage ${typo3Version} \
typo3/cms-adminpanel ${typo3Version} typo3/cms-redirects ${typo3Version} typo3/cms-workspaces ${typo3Version} typo3/cms-reports ${typo3Version} \
typo3/cms-scheduler ${typo3Version} typo3/cms-recycler ${typo3Version} typo3/cms-opendocs ${typo3Version} typo3/cms-linkvalidator ${typo3Version}
# sudo -i -u typo3 composer config repositories.typo3satis '{"type": "composer", "url": "https://composer.typo3.org/"}'
sudo -i -u typo3 composer config repositories.local '{"type": "path", "url": "./Extensions/*"}'
find -type d -print0 | xargs -0 chmod 2770 && find -type f -print0 | xargs -0 chmod 0660;
chown www-data:www-data /var/www/ -R
mkdir Extensions
################################################## Enable Website in nginx
echo "INFO Configure website in nginx"
cat >/etc/nginx/snippets/browserCaching.nginx <<EOL
# CSS / JS
location ~* ^/typo3temp/Assets/.*\.js {
expires max;
add_header Vary Accept-Encoding;
add_header Pragma public;
add_header Cache-Control "public";
gzip on;
}
location ~* ^/typo3conf/ext/.*\.(js|css)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public";
}
# Media
location ~* \.(?:ico|gif|jpe?g|png|ogg|bmp|png|webp|mp4|webm|h264|h265|svg|woff|woff2|ttf|eot)$ {
if (\$http_origin ~ "^(https://code.jquery.com|http://example.com)$") {
add_header Access-Control-Allow-Headers Content-Type;
add_header Access-Control-Max-Age 86400;
add_header Access-Control-Allow-Origin \$http_origin;
}
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
# # etag is supported on nginx >= 1.3.3
# # etag on;
# # https://www.maxcdn.com/blog/accept-encoding-its-vary-important/
# add_header Vary Accept-Encoding;
}
EOL
cat >/etc/nginx/snippets/compression.nginx <<EOL
# Compression
gzip on;
gzip_http_version 1.1;
gzip_min_length 1000;
gzip_buffers 16 8k;
gzip_disable "MSIE [1-6] \.";
gzip_types
# text/html # text/html is always compressed by HttpGzipModule
text/css
text/xml
application/x-javascript
application/atom+xml
text/mathml
text/plain
text/vnd.sun.j2me.app-descriptor
text/vnd.wap.wml
text/x-component
text/javascript
application/javascript
application/json
application/xml
application/rss+xml
font/truetype
font/opentype
application/vnd.ms-fontobject
image/svg+xml;
gzip_vary on;
EOL
rm /etc/nginx/sites-available/default;
#cat >/etc/nginx/sites-available/default <<EOL
#server {
# listen 80 default_server;
# listen [::]:80 default_server;
# location / {
# deny all;
# }
#}
#EOL
rm /etc/nginx/sites-enabled/default
cat >/etc/nginx/sites-available/typo3 <<EOL
server {
listen 80;
listen [::]:80;
charset utf-8;
root ${typo3PublicDirectory};
# Add index.php to the list if you are using PHP
index index.html index.php;
server_name _;
port_in_redirect off;
server_name_in_redirect off;
client_max_body_size 64M;
client_header_buffer_size 32k;
large_client_header_buffers 16 512k;
# todo check function
# include snippets/browserCaching.nginx;
# include snippets/compression.nginx;
# Installtool
# Path for TYPO3 7.6: /typo3/sysext/install/Start/Install.php
rewrite ^/typo3/install/\$ /typo3/install.php permanent;
# versionNumberInFilename
rewrite "^(.*)\.(\d{10})\.(css|js)$" \$1.\$3 last;
location / {
# auth_basic "Restricted";
# auth_basic_user_file /var/www/typo3/.htpasswd;
# any / all
# satisfy any;
# allow 192.168.1.1/24;
# allow 127.0.0.1;
try_files \$uri \$uri/ /index.php?\$args;
}
location = /favicon.ico {
log_not_found off;
access_log off;
expires max;
break;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Restrict access to deleted files in Recycler directories
location ~ ^/fileadmin/(.*/)?_recycler_/ {
deny all;
access_log off;
log_not_found off;
break;
}
# For CSS with compression
location ~* "\.css(\.|\.\d{10}\.)gzip$" {
rewrite "^(.+css)\.(\d+\.)gzip$" /\$1.gzip;
add_header Content-Encoding gzip;
add_header Vary Accept-Encoding;
add_header Access-Control-Allow-Origin *;
gzip off;
types { text/css gzip; }
expires max;
log_not_found off;
}
# For JavaScript with compression
location ~* "\.js(\.|\.\d{10}\.)gzip$" {
rewrite "^(.+js)\.(\d{10}\.)gzip$" /\$1.gzip;
add_header Content-Encoding gzip;
add_header Vary Accept-Encoding;
gzip off;
default_type application/javascript;
expires max;
log_not_found off;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Check that the PHP script exists before passing it
try_files \$fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set \$path_info \$fastcgi_path_info;
fastcgi_param PATH_INFO \$path_info;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_param TYPO3_CONTEXT Development;
#fastcgi_param TYPO3_CONTEXT Production/Staging;
#fastcgi_param TYPO3_CONTEXT Production;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
location ~ /\.ht {
deny all;
}
}
EOL
ln -sfT /etc/nginx/sites-available/typo3 /etc/nginx/sites-enabled/typo3;
service nginx restart
################################################## Enable TYPO3 installation
echo "INFO Enable TYPO3 installation"
cd ${typo3PublicDirectory}
touch FIRST_INSTALL
################################################## Change all permissions
cd ${composerDirectory}
echo "INFO Change permissions"
find -type d -print0 | xargs -0 chmod 2770 && find -type f -print0 | xargs -0 chmod 0660;
chown www-data:www-data /var/www/ -R
# Permissions for special files
chown -h www-data:www-data /var/www/.ssh/authorized_keys
chmod 0700 /var/www/.ssh/
chmod 0600 /var/www/.ssh/authorized_keys
##############
ipAddress=`ip -4 addr show eth0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}'`
echo "---------------------------------------"
echo "---- FINISH ----"
echo "---------------------------------------"
echo ""
echo System / SSH password: ${systemPass};
echo DB Password: ${dbPass};
echo ""
echo "You find this passwords in the file "${composerDirectory}"install-log-please-remove.log"
echo "Please finish the installation in your browser http://"${ipAddress}
cat > ${composerDirectory}install-log-please-remove.log <<EOL
# TYPO3 Server
## System User (SSH):
User: www-data
Password: ${systemPass}
## Database:
Database: ${dbDatabase}
User: ${dbUser}
Password: ${dbPass}
EOL
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment